Enable Content-Security-Policy for blog
All checks were successful
ci/woodpecker/push/woodpecker.exo Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker.exo Pipeline was successful
This commit is contained in:
parent
9a9a2b83f0
commit
bb7cf3b4e8
GPG key ID:
B918086ED8045B91
|
|
@ -150,6 +150,15 @@ http://blog.xtexx.eu.org http://xtexblog.exozy.me {
|
|||
|
||||
header Server xtex-blog
|
||||
import httpsec
|
||||
header Content-Security-Policy "
|
||||
default-src 'self';
|
||||
base-uri 'self';
|
||||
frame-ancestors 'none';
|
||||
form-action 'self';
|
||||
script-src 'self';
|
||||
style-src 'self' https://unpkg.com;
|
||||
object-src 'none';
|
||||
"
|
||||
|
||||
handle_errors {
|
||||
@404 expression `{err.status_code} == 404`
|
||||
|
|
|
|||
Loading…
Reference in a new issue